From mboxrd@z Thu Jan  1 00:00:00 1970
From: =?ISO-8859-2?Q?Andr=E9s Gri=F1=F3 Brandt?= <agrino@porsiempre.cl>
Date: Thu, 07 Mar 2002 07:37:04 +0000
Subject: [LARTC] Src IP for outgoing packet with multiple defaults routes
Message-Id: <marc-lartc-101551599620984@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Hi:

Abstract: Linux connected to two different ISP. Outgoing packets seems to p=
eek randomly it's source IP address, without regards to the router choosen.

Test bed:
1. Linux Red Hat 7.2 (fw1) with kernel 2.4.7-10, no patches, all netfilter =
and adv. routing options on.
2. One "internet" ethernet card that connect to a switch. The switch connec=
t the two routers also.
3. Linux have two IP: 200.72.44.226 and 200.27.214.226.
4. ip route list show:
   200.72.44.224/27 dev eth0 scope link
   200.27.214.224/29 dev eth0 proto kernel scope link src 200.27.214.226
   default equalize=20
           nexthop via 200.27.214.225 dev eth0 weight 1
           nexthop via 200.72.44.225  dev eth0 weight 3
6. No MASQ, no SNAT, no DNAT for packets locally generated.
6. Ethercap running in eth0.
5. Another Linux (ws1) also running ethercap over the wire between router 2=
00.27.214.225 and the switch (via a hub). This machine have address 200.27.=
214.227.

What I see, after running ethercap at the same time (and for the same perio=
d) on both machines:
1. Ethercap on fw1 capture ~4.500 packets, on sw1 capture ~1.900 packets.
2. On sw1 ethercap show me only packets routed thru router 200.27.214.225. =
I check the destination mac address, and it definitly router 200.27.214.225.
3. But on sw1, I see outgoing packets having both source IP 200.27.214.226 =
and 200.72.44.226.

This is wrong. Packets with source IP 200.72.44.226 must not reach router 2=
00.27.214.226. AFIK, an outgoing packet must have a source address in the s=
ame subnet that the router being used.

Ideas?

Andr=E9s Gri=F1=F3 Brandt
Santiago, Chile
http://galeria.porsiempre.cl [Fotos de viajes, familia, club, etc.]
http://club.porsiempre.cl [Sitio del Club Buceo Aventura]
http://buceo.porsiempre.cl [P=E1gina Personal]

------------------------------
http://jawmail.sourceforge.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/